In this first phase, an attacker gathers intelligence about the target organisation and its customers to tailor the attack accordingly and increase the chances of it being successful. The attacker researches the target to identify the employees most vulnerable to social engineering, such as those with extensive access to sensitive systems or data.
Time scale
Days – months
Tactics used
- Social media analysis
- Digital fingerprinting
- Network analysis